<?php

	/*
		Filename: admincp.php
		Description: The login page for the admincp.php (Redirects to admincps.php)
		
		Last Edit: 13-08-2012 (dd-mm-yyyy)
	*/
	
	// Inlcude database
	require_once("./Config/Config.php");
	
	// Include functions
	require_once("./Config/Functions.php");
	
	if(isset($_GET['admin_username']) == false)
	{
		echo '<h1>Control Panel Login</h1>
	
		Please login with your username and password to control your tests and students.<br><br>
	
		<form action="./index.php" method="GET">
			<input type="hidden" name="p" value="admincp">
			
			<b>Username:</b><br>
			<input type="text" name="admin_username" size="120"><br><br>
			
			<b>Password:</b><br>
			<input type="password" name="admin_password" size="120"><br><br>
			
			<input type="submit" value="Login!">
		</form>';
	}
	else
	{
		if(isset($_SESSIOn['admin_id']) == false)
		{
			$Username = mysql_real_escape_string($_GET['admin_username']);
			$Password = mysql_real_escape_string($_GET['admin_password']);
			$Password = sha1(md5($Password));
			
			$Admin = getAdmin($Username);
			if($Admin == false) die("Your username or password was incorrect.");
			if($Admin->Password != $Password) die("You username or password was incorrect");
			
			$_SESSION['admin_id'] = $Admin->Id;
		}
		header("Location: ./index.php?p=admincps");
	}
?>